What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,626
    It uses BitDefender and Emsisoft.

    See this post, or the thread on Ashampoo 2014.
     
  2. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    4,208
    thanks a lot for the info. :thumb:
     
  3. Antimalware18

    Antimalware18 Registered Member

    Joined:
    Dec 12, 2008
    Posts:
    417
    Replaced EMET with Sandboxie. The new version isn't causing GUI issues in FF like the last version was.
     
  4. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    BitDefender and Emsisoft:thumb: :thumb:
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    removed NoVirusThanks EXE Radar Pro 3 :) it is a nice program but I need a hips=smart hips to guard the back doors too
    note: never mind, I like NoVirusThanks EXE Radar Pro 3 too much, it will stay :)
     
    Last edited: Oct 23, 2013
  6. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    you have OA as hips?
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    yes it is my current hips:thumb:
     
  8. tomazyk

    tomazyk Guest

    I removed ESET AV and EMET and enabled SRP for all users.
     
  9. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    I put him back on all machines four days ago.
    I'm noticing a slight performance hit on W7, that I think is Scotty.
    But I'm going to keep him around for awhile longer.
    Sure is a nice program.
     
  10. fearlessscientist

    fearlessscientist Registered Member

    Joined:
    Sep 6, 2013
    Posts:
    166
    Location:
    USA
    Performance hit due to scotty !
    I doubt that. I usually disable sounds and disable monitoring hidden files, file types and others. Maybe you can try that.
     
  11. THESAWISFAMILY2005

    THESAWISFAMILY2005 Registered Member

    Joined:
    Aug 10, 2012
    Posts:
    198
    Location:
    SACRAMENTO CALIFORNIA
    Webroot 2014
    Emsisoft Antimalware free
    Norton DNS

    ashampoo in near future
     
  12. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Running 7 x64 and didn't see a noticeable hit, but I took it off anyway. It'll be helpful to install it maybe once a month just to check on things, but with my setup I'm not seeing a need of having Scotty guard full-time.*puppy*
     
  13. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    After lots of reading and thinking about it, I decided that the Bromium Labs report isn't enough of a reason to abandon Sandboxie. For me its advantages outweigh any vulnerability BL say they found. Maybe someday those exploits will be used and reported by users, but until then why not use Sandboxie for its many strengths. IMHO.

    But at the moment there is another problem that prevents me from being able to use Sandboxie. There is a conflict with just WSA running and also with just VoodooShield running. So I will load Sandboxie occasionally to see if the conflicts have been resolved, or maybe talk to WSA and VS about the problem. In the mean time I am seeing if I can stay safe without it.
     
  14. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Very impressive and nice setup as usual. Lot to learn.:):thumb:
     
  15. Thanks, but word of caution: reducing attack surface is balancing on the edge between allowing just enough to keep the system functional and crossing the line in making it malfunctioning or even non-functioning. When disabling services, reducing registry/file access permissions and optimising GPO often the functional limitations appear some time after applying the tweak (so have a good image backup plan in place).

    Example for Software Restriction Policies
    - For all files and all users EXCEPT administrators
    - Default level basic user

    => You need "Run MSI as Admin" tweak of Symantec
    => Clicking an executable in user space will show "program blocked by GPO"

    Plus side
    => Installing from user space works with right click "run as Administrator" only

    Downside
    => Most .Net updates will fail (extract into temp directory and launch normally), so (.Net) security updates have to be done manually, disabling FW and SRP.

    => Alternative: de-install dotNet 4 after EMET 4, disable 3.5 in Windows features (of Windows 7) and remove EMET agent from autorun
     
    Last edited by a moderator: Oct 23, 2013
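
Added example (not part of the post above or of any poster's setup): a read-only PowerShell check that compares the local Software Restriction Policy registry values with the configuration the post describes. Mapping "for all files" to TransparentEnabled = 2 is an assumption, and the function name Test-SrpBaseline is hypothetical.

```powershell
# Added example: read-only audit of Software Restriction Policy (SRP) settings.
$SrpKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'

# Expected values for the setup in the post
# (the TransparentEnabled mapping is an assumption about "for all files").
$Expected = [ordered]@{
    DefaultLevel       = 0x20000  # Basic User
    PolicyScope        = 1        # all users except local administrators
    TransparentEnabled = 2        # all software files, including DLLs
}

# Human-readable meaning of the common values for each setting.
$Meaning = @{
    DefaultLevel       = @{ 0 = 'Disallowed'; 0x20000 = 'Basic User'; 0x40000 = 'Unrestricted' }
    PolicyScope        = @{ 0 = 'All users'; 1 = 'All users except administrators' }
    TransparentEnabled = @{ 0 = 'No enforcement'; 1 = 'All files except DLLs'; 2 = 'All files including DLLs' }
}

function Test-SrpBaseline {   # hypothetical helper name
    $policy = Get-ItemProperty -Path $SrpKey -ErrorAction SilentlyContinue
    if (-not $policy) {
        # No policy key at all means SRP is not configured on this machine.
        Write-Warning "No SRP policy found at $SrpKey"
        return $false
    }
    $allOk = $true
    foreach ($name in $Expected.Keys) {
        $prop = $policy.PSObject.Properties[$name]
        if ($null -eq $prop) {
            # Distinguish a missing value from a value of 0 (e.g. Disallowed).
            $actual = $null
            $text   = '(not set)'
        } else {
            $actual = [int]$prop.Value
            $text   = $Meaning[$name][$actual]
            if (-not $text) { $text = 'other' }
        }
        $ok = ($null -ne $actual) -and ($actual -eq $Expected[$name])
        if (-not $ok) { $allOk = $false }
        Write-Host ('{0,-20} actual={1,-8} {2,-34} match={3}' -f $name, $actual, $text, $ok)
    }
    return $allOk
}

Test-SrpBaseline
```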
  16. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    I recently had to remove sandboxie too. I thought it was a conflict with WSA but that wasn't the issue. I had nothing but sandboxie installed and firefox was still hanging and locked up after a few minutes of use. I'm sure it has to do with win 8.1. I'll be trying to figure it out and post over at the forum.
     
  17. tomazyk

    tomazyk Guest

    I had the same problem with Sandboxie 4.06 and Firefox on Windows 7. The problem happened on sites that are using flash content. Firefox would become unresponsive and I had to kill the process. I solved the problem by disabling Flash protected mode.
     
  18. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,549
    Location:
    Triassic
    If anyone has Chrome setup in EMET, would you please share your setup. Have you anything unticked?
     
  19. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    Well if you doubt that, I must be wrong.
     
  20. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    IMHO x2
     
  21. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,093
    Location:
    Germany
    Everything is ticked and I've not run into any issues in the last weeks.
     
  22. tomazyk

    tomazyk Guest

    Here is a detailed description of my security setup:

    I have used these text colours:
    - active protection is in green
    - on-demand tools are in blue
    - hardening, mitigations and others are in orange

    System configuration and hardening:
    • Operating system: Windows 7 Ultimate SP1 64 bit
    • User Account Control: I have set UAC control on 'Always notify'. All changes to my computer need administrator approval.
    • Software Restriction Policy: SRP is set for non-administrators.
    • Autorun / Autoplay: This feature is disabled. Everything that needs to be run is run manually.
    • Services: All unnecessary services are disabled. Some services have startup type changed from "Automatic" to "Manual" and are run on-demand.
    • Windows 7 features: Unnecessary and unused Windows features are turned off.
    • User Accounts: Built-in Administrator and Guest accounts are disabled.

    Network security:
    • Router: Whole network is behind router with SPI firewall. Unsolicited inbound connections are blocked. Router has access from Wan and UPnP disabled.
    • Wireless: Wireless access to network is secured with strong password. WPA2-PSK AES encryption is used.
    • Firewall: Windows 7 built-in firewall is enabled and blocks unsolicited inbound connections. Outbound connections are not monitored.

    System and applications security:
    • Sandboxie: Chrome, Firefox and IE are always run in separate sandboxes. This is how SBIE is set:
    - container folder is set on RamDisk
    - immediate recovery to download folder is enabled
    - content of sandbox is deleted when the last sandboxed program ends
    - browsers are run with dropped rights
    - browsers have blocked access to personal data
    - browsers have direct access only to bookmarks
    • ESET Nod32 AV: Nod is protecting my system from malware. It is monitoring my file system, Outlook database and http traffic.

    Data security:
    • Acronis True Image: System image is created once a week to another HDD.
    • Keepass: All logins are stored in password protected database. Unique password is used for each login.
    • Truecrypt: All sensitive data is stored in password protected encrypted container.
    • CCleaner: MRUs, temporary files and other junk files are deleted at least once a day.
    • Recuva: It is used to recover accidentally deleted files and wipe deleted files from non SSD drive.

    Internet security and privacy:
    • Adblock Plus: ABP extension makes my internet experience clean. EasyList, Malware Domains and EasyPrivacy filters are enabled.
    • OpenDNS: OpenDNS provides reliable internet connection and protects from phishing websites.
    • Other mitigations: No Java installed. No Flash for IE.

    Online banking security:
    • Banking environment: All banking is conducted in sandboxed Chrome after previous browsing session is closed, all sandboxed processes are ended and all data in sandbox is deleted.
    • Paypal: Only payments through Paypal for online purchases are used. No online merchant gets my credit card information.

    On-demand scanning:
    • HitmanPro: I run default scan once a day.
    • Emsisoft Emergency Kit: Once a week smart scan is run.
    • VirusTotal Uploader: Uploader is used to upload and scan individual files on online service's site.

    Updating:
    • Windows Update: Windows update is used to update system and other software from Microsoft.
    • Secunia PSI: Scan is run once a week to check for security updates for my system and applications.

    Other security related tools:
    • Virtualbox: Virtualbox provides me virtual environment for testing purposes.
    • Autoruns: Autoruns is run once a week to check all startup items.
    • Process Explorer: It is used as replacement for Windows Task Manager.
     
    Last edited by a moderator: Oct 23, 2013
  23. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Ah I understand now.
     
  24. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    @tomazyk
    Now that's a setup in detail.:D
     
  25. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma
    Ashampoo Antivirus With Bitdefender/Emsisoft + Webroot Secure Anywhere + MalwareBytes Antimalware all real time protection. Works great together. :) Plus Chrome and Wfw.
     